| With the implement of the strategies that national information technologystimulates the development of industrialization,computer networks andinformation systems have made considerable progress;network system is widelyused in industry,commerce,government and defense security.The internal andexternal environment of network system is becoming increasingly complex,whichmakes none of the network systems absolutely safe.As a new direction in networksecurity,survivability is different from traditional network security,it provides uswith a new way to conduct the research of the network security.The present dissertation probes into the evaluation of survivability and thetechnology of enhancing network information system thus the weak points of theinformation system could be analyzed and located,meanwhile the method ofenhancing survivability of the system could be proposed based on the result of thequantitative analysis.The dissertation involved the following aspects:Firstly,the modeling method of information system survivability analysisbased on Stochastic Petri Net(SPN) is presented.In this model,networkinformation system is divided into request modules,communication modules,processing modules and storing modules.And then,combining formal descriptionof system working flow with survivability analysis modeling,the dissertationrespectively describes the SPN modeling method of universal information systemmodel,service disabled,recovery,modules redundancy and survivability attributemodel.Accordingly,makes quality and quantity analysis of system survivability.Secondly,a hierarchical evaluation model of network system survivability isproposed.According to this model,the first step is gathering the information ofkey services and atomic service compositions and then detecting the leakinformation.The second step is building the network attack graph and theattacking scheme.The third is replaying attacking data.Finally,the survivability is quantified according the records of the QoS before and after attacking.Thirdly,based on redundancy and diversity the method of enhancing systemsurvivability is proposed by self-organization.According to the historical data ofaverage response time,survivability curves are drawn.The self-organizationalgorithm is designed based on the survivability of atomic modules,systemefficiency and the quality of service.Fourthly,service self-organization system is put forward based onconnection handoff under the condition of redundant backup.According toservice processing flow,the system is divided into communication,servicedistribution and service supply modules.Backup modules' survivabilityinformation is send to online modules and gets the list of newest service states.When the survivability of a module is highest,the self-organization strategies areimplemented using multi-handoff technology.The system possesses the meritssuch as transparency to users,flexibility and operability of the configuration.Experiments confirm that this method can enhance the quality of service andimprove service survivability.The research of network information system survivability is still at thestarting phase.The model of information system survivability analysis based onstochastic Petri net is put forward for system design;the result of the research canprovide a direct for survivability design.Then a hierarchical evaluation model ofsurvivability is proposed for networked information system which can helpsystem administrator locate the weak point of information system rapidly.In orderto enhance the system survivability,the service self-organization algorithm isdesigned based on the survivability of atomic modules,and then serviceself-organization system which is based on TCP protocol is put forward based onconnection handoff.The system possesses a sound universality and applicability.
|
PDF Full Text Request